Develop#4
Merged
Merged
Conversation
- Change type from 'project' to 'library' - Update description to reflect unified quality toolchain purpose - Simplify require-dev to essential QA tools (PHPUnit, PHPStan, php-cs-fixer, Rector, Psalm) - Add autoload namespace KaririCode\Devkit (from KaririCode\DevKit) - Add bin entrypoint bin/kcode - Add composer scripts: init, test, analyse, cs:fix, quality, migrate, build - Add branch-alias dev-main → 1.0.x-dev - Switch minimum-stability to stable
- Add structured sections with clear headers - Add environment files (.env, .env.local, .envrc) - Add build/distribution patterns (dist/, tmp/, *.phar) - Add full QA tool cache rules (PHPStan, Psalm, Infection, PHPBench, Rector) - Add logs, docker-compose.override.yml, IDE files (.idea/, .vscode/) - Add macOS/Windows OS artifacts (DS_Store, Thumbs.db) - Add Node/frontend artifact exclusions - Add backup and temp file patterns
- Remove Email.php, Length.php, UserId.php, UserProfile.php, UserRole.php, UserStatus.php - These were created during the initial scaffold phase and are not part of the definitive cli toolchain architecture
- DevkitException: base exception for all devkit errors - ToolException: thrown when a QA tool fails or is not found - ConfigurationException: thrown when config generation fails
…xecution - ProjectContext: immutable value object representing a detected project (root, name, type) - ProjectDetector: detects project type (library/cli/app) by inspecting composer.json - DevkitConfig: resolves and loads .kariricode.json config with sensible defaults - ProcessExecutor: wraps proc_open for subprocess execution with timeout support - MigrationDetector: scans project for deprecated config files needing migration - Devkit: facade wiring all core services for use by commands
- ToolResult: encapsulates exit code, stdout/stderr and elapsed time from a single tool run - QualityReport: aggregates ToolResult instances from the full quality pipeline - MigrationReport: captures list of deprecated configs detected and migration actions applied
…directory - CsFixerConfigGenerator: generates .php-cs-fixer.php tailored to project type - PhpStanConfigGenerator: generates phpstan.neon with strict level config - PhpUnitConfigGenerator: generates phpunit.xml with coverage and test suite config - PsalmConfigGenerator: generates psalm.xml adapted to project root - RectorConfigGenerator: generates rector.php with PHP 8.4+ rule sets
- AbstractToolRunner: base class enforcing ToolRunner contract, resolves binary path, invokes ProcessExecutor - PhpUnitRunner: runs PHPUnit with coverage-clover and testdox flags - PhpStanRunner: runs PHPStan analyse with neon config - CsFixerRunner: runs PHP-CS-Fixer in fix or dry-run (--check) mode - RectorRunner: runs Rector in process or dry-run mode - PsalmRunner: runs Psalm with shepherd and psalm-info level config - ComposerAuditRunner: runs composer audit for known vulnerability detection
- Application: registers all commands in the Symfony Console app, sets version from composer.json - AbstractCommand: base class providing styled output helpers (info/success/error/step/table) - InitCommand: generates all .kcode/ config files using Configuration generators - TestCommand: wraps PhpUnitRunner, supports --filter and --coverage flags - AnalyseCommand: runs PHPStan and Psalm sequentially via runners - CsFixCommand: runs PHP-CS-Fixer; accepts --check for dry-run - RectorCommand: runs Rector; accepts --dry-run flag - FormatCommand: combines cs:fix and rector in single step - QualityCommand: full pipeline (cs-check → analyse → test → security) - SecurityCommand: runs ComposerAuditRunner for vulnerability check - MigrateCommand: uses MigrationDetector to migrate legacy configs to .kcode/ - CleanCommand: removes generated .kcode/build artefacts
- Executable PHP script that bootstraps the Application class - Loaded by composer as bin entrypoint (bin/kcode in composer.json) - Supports running as phar (box compile) or natively via vendor autoload
- Configures main entry point (bin/kcode), output (build/kcode.phar) - Includes src/ and vendor/ for autoload bootstrap - Strips dev classes (tests/) and unnecessary metadata for minimal PHAR size - Enables compression (GZ) and signed PHAR integrity
…build system - Add install/install-prod targets for composer dependency management - Add quality pipeline: test, analyse, cs-check, cs-fix, rector, format, lint - Add build target: compile kcode.phar via humbug/box with version/commit metadata - Add verify target: smoke-test PHAR commands after compilation - Add self-test target: run kcode.phar against the devkit project itself - Add release target: quality → build → verify full pipeline - Add clean/distclean targets for artifact removal - Add check-env diagnostics target - Add _require-box, _require-vendor, _require-phar guards
…istribution - ci.yml: simplify pipeline to use kcode binary (init → quality) instead of raw tool invocations - ci.yml: add PHP 8.4 matrix, composer cache, and artifact upload for kcode.phar - release.yml: new workflow triggered on version tag (v*) to auto-build and publish PHAR to GitHub Releases
- ADR-001: PHAR distribution strategy using humbug/box - ADR-002: Zero external runtime dependencies (PHP stdlib only) - ADR-003: Config generation into .kcode/ isolated directory - ADR-004: kcode binary resolution order (phar → vendor → fallback) - ADR-005: .kariricode.json as central project config contract - ADR-006: Immutable value objects for ToolResult, QualityReport, MigrationReport
- Document all new features: kcode CLI binary, commands, runners, config generators - Follow Keep a Changelog format with Added/Changed/Removed sections
… toolchain - Replace dev-environment scaffold documentation with cli toolchain usage - Add installation section (composer require + bin/kcode) - Document all kcode commands: init, test, analyse, cs:fix, rector, format, quality, migrate, security, clean - Add PHAR distribution instructions (make build, make release) - Add architecture overview: Command → Runner → Core → Configuration → ValueObject layers - Add ADR and SPEC references
…files - Remove .config/ (PHP/PHPMD config for old Docker scaffold) - Remove .docs/ (Makefile documentation for old scaffold) - Remove .make/ (modular Makefile includes for old scaffold) - Remove devkit/ (old devkit config directory) - Remove docker-compose.yml, .env.example, .env.xdebug (Docker scaffold) - Remove .php-cs-fixer.php, phpcs.xml, phpstan.neon (root-level tool configs replaced by generators) - Remove infection.json, phpbench.json (tools not part of new toolchain) - Remove .editorconfig, .gitattributes, .vscode/ (IDE/editor artifacts) - Remove build/, coverage/ (generated artefacts should not be tracked) - Remove .php-cs-fixer.cache (cache file) - Update LICENSE to include full author attribution (Walmir Silva / KaririCode Framework)
…ix phpunit.xml - Remove tests/Unit/ValueObjectsTest.php (tested Email, UserId — removed) - Remove tests/Unit/UserProfileTest.php (tested UserProfile — removed) - Remove tests/Unit/EnumsTest.php (tested UserRole, UserStatus — removed) - Remove tests/Integration/UserProfileFlowTest.php (tested UserProfile flow — removed) - phpunit.xml: remove non-existent Functional test suite - phpunit.xml: simplify logging (keep only JUnit for CI)
- DevkitExceptionTest: projectNotDetected() and directoryNotWritable() factory messages - ConfigurationExceptionTest: invalidOverride() and fileNotReadable() messages, extends DevkitException - ToolExceptionTest: binaryNotFound(), executionFailed() with exit code in getCode(), empty output placeholder
… MigrationReport - ToolResultTest: success flag based on exit code, output() combining stdout+stderr, empty output placeholder, whitespace trimming - QualityReportTest: passed flag, failureCount, totalSeconds aggregation, failures() filter, empty report edge case - MigrationReportTest: hasRedundancies, totalItems count across all categories, removeFiles() with real temp files
- ProjectContextTest: devkitDir/buildDir composition, configPath(), buildPath(), relativize(), relativeSourceDirs(), relativeTestDirs(), relativize with external path - DevkitConfigTest: no-config defaults, get() with default, config file loading, unknown key fallback, type mismatch throws ConfigurationException, invalid return throws ConfigurationException, toolVersions() parsing - phpunit.xml: add tests/Integration placeholder directory to suite
When bin/kcode is invoked via 'composer run' or as a composer script, $argv is not available in the outer scope of the static closure. The fix passes $argv as the IIFE parameter with a null-coalescing fallback to ensure kcode works both when called directly and via composer scripts.
- Add coverage/, reports/ (generated artefacts) - Cover legacy scaffold files: docker-compose.yml, .env.example, .env.xdebug, .gitattributes, .editorconfig - Cover tool configs not part of the new toolchain: infection.json, phpbench.json, phpcs.xml, phpmd.xml, phpstan.neon, .php-cs-fixer.php, .rector.php - Add IDE: .vscode/, .idea/, *.code-workspace - Add environment files: .env, .env.*.local - Add OS artifacts: .DS_Store, Thumbs.db - All untracked legacy disk files are now properly gitignored
…x scripts - Bump phpunit/phpunit from ^11.0 to ^12.0 (matches installed 12.4.2) - Rename composer scripts from 'init/test/analyse/...' to 'kcode:*' prefix to avoid name collision with built-in Composer commands (e.g. 'init') - Add allow-plugins.infection/extension-installer: false to suppress plugin loading warning for the removed infection dependency
- 256M is sufficient for a small CLI library test suite (actual usage: 22MB) - Reformat opening tag attributes one-per-line for readability - No functional test changes (all 41 tests still pass)
…ality workflow ci.yml: - Add 'develop' branch to push/pull_request triggers (was only 'main') code-quality.yml: - Replace 378-line legacy workflow (PHPMD, phpmetrics, dead-code, psalm optional) with lean 160-line workflow aligned to the kcode CLI toolchain - Jobs: dependencies → security → phpstan → cs-fixer → quality-summary - All QA steps now use 'vendor/bin/kcode' as the entry point - Remove PHPMD job (PHPMD not part of kcode toolchain, devkit/.config/phpmd/ruleset.xml deleted) - Remove phpmetrics, dead-code, psalm-optional jobs (runtime composer require anti-pattern) - Add composer cache on all jobs for faster CI runs - Standardize GITHUB_OUTPUT quoting with double quotes (ShellCheck)
Changes: - Add 'security' target: runs kcode security (composer audit) - Add '_require-kcode' guard: verifies vendor/bin/kcode exists before quality targets - Add '--no-scripts' to install/install-prod to prevent broken kcode init script - VERSION: prefer git tag over box.json metadata (more reliable in CI/CD) - remove 'composer.lock' deletion from distclean (library — lock not tracked) - check-env: detect kcode via 'test -f vendor/bin/kcode', add box install URL, improve phar.readonly warning with actionable message - help: rename 'Build' section to 'Dependencies & Build', add check-env, rename 'Quality' to 'Quality & Toolchain', add security and lint entries - quality targets: add '_require-kcode' order-only prerequisite - All quality targets now documented with accurate descriptions
- Update phpunit constraint example from ^11.0 to ^12.0 - Fix Project Stats: 36 → 38 PHP source files, ~2300 → ~2900 total lines - Add --no-scripts to composer install example in CI Integration section (prevents broken kcode init script invocation during install) - Replace 'composer global require humbug/box' with wget standalone install (consistent with CI workflows and make _require-box error message)
- Document all critical and configuration fixes applied in the review session: bin/kcode Fatal TypeError, composer.json constraints and scripts, Makefile targets and guards, phpunit.xml memory_limit, CI workflows and .gitignore expansion - Add unit test suite addition (41 tests / 81 assertions) to Added section - Fix 1.0.0 entry: adjust date from 2025-02-28 to 2025-12-01 (more accurate), update Makefile target list to include 'security' added in this session
BUILDING.md: - Add --no-scripts to manual 'composer install' command (prevents kcode init from running during install before binary exists) - Update Version Bumping section: Makefile now resolves VERSION via 'git describe --tags' first, falling back to box.json → 'dev' INDEX.md: - Add Code Quality workflow to Quick Navigation (code-quality.yml: security + phpstan + cs-fixer via kcode) - Update CI workflow description: 'Tests + PHAR build on push/PR'
Runners (CsFixerRunner, PhpStanRunner, PhpUnitRunner, PsalmRunner, RectorRunner, ComposerAuditRunner): - Add #[Override] attribute to toolName(), vendorBin(), defaultArguments() PhpStanConfigGenerator: - Remove checkMissingIterableValueType and checkGenericClassInNonGenericObjectType (removed from PHPStan 2.x core; cause Invalid configuration errors) CsFixerConfigGenerator: - Add (string) cast on preg_replace() return values in exportRules() Devkit.php: - Add false !== guard before str_contains() in appendGitignore() - Add SplFileInfo @var in removeRecursive() foreach DevkitConfig.php: - Add @var array<string, mixed> before assigning overrides - Fix toolVersions() to filter array<string,string> via array_filter MigrationDetector.php + MigrationReport.php: - Add false !== guard on file_get_contents() and json_encode() - Extract requireDev with @var and is_array() for type-safe access - Fix removePackagesFromComposer() to write back updated requireDev - Add SplFileInfo @var in removeRecursive() foreach ProjectDetector.php: - Add false !== guard on file_get_contents() - Extract psr4Source, psr4Test, projectName with proper is_array() guards - Fix detectNamespace(): double is_array() for autoload + psr-4 sub-access - Fix detectPhpVersion(): use is_string() instead of (string) cast - Precise @var annotations for all array parameters Result: PHPStan level 9 -> 0 errors, PHPUnit 41/41 OK
Box 4.x has a known PHP 8.4 incompatibility (chdir() errno 20 in endBuffering()). Replace it with bin/build-phar.php — a native PHP Phar builder with no external dependencies. Changes: - composer.json: scripts.build → php -d phar.readonly=0 bin/build-phar.php - Makefile: remove BOX var and _require-box guard; build target uses PHAR_BUILDER = bin/build-phar.php; VERSION simplified to git tag only; check-env shows PHAR builder status instead of box version - README.md: remove humbug/box from requirements and quick build - docs/BUILDING.md: rewrite around bin/build-phar.php; document why native builder was chosen; remove all box.json references
README.md: - Center-aligned hero with 7 badges (PHP, Composer, License, PHPStan, Tests, KaririCode) and navigation link bar - Before/after diff block showing the five-to-one dep reduction - Unified table-based CLI reference with flags and options - Separated CI examples: unified pipeline + parallel jobs - Architecture section with component layout, dependency flow diagram, and key design decisions table linking to ADRs - Project Stats table includes PHPStan level (0 errors) and test count - Building kcode.phar section updated for bin/build-phar.php - KaririCode ecosystem footer with links CHANGELOG.md: - Added/Changed/Fixed/Removed structure with precise technical context - [Unreleased] consolidates all post-v1.0.0 work including type-safety fixes (35 PHPStan errors → 0), CVE remediation, box removal - Net-result summary line at end of [Unreleased] - Comparison URL links in footer docs/INDEX.md: - Introductory paragraph placed before tables - Quick Navigation converted to table format (Document + Description) - box.json reference removed (builder replaced by bin/build-phar.php) - code-quality.yml added to Quick Navigation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.